Article 574 Subject Webbroker : How to check if a user can view a page. [Edit] on embarcadero.public.datasnap

Article

From:

Robert Triest

📋

To:

All

Subject:

Webbroker : How to check if a user can view a page. [Edit]

Newsgroup:

embarcadero.public.datasnap

Next in
thread

19-Apr-2011

Webbroker : How to check if a user can view a page. [Edit]

Hello,


After Authentication I store the userID in a datasnap session and in the

following pages I check if the user is Authenticated (via the examples javascript setcredential function) but I like to check also if the user can view the page by checking the param of the page and

the Session userID.


So after the user is Authenticated by the login page the loginpage
shows the next page via javascript like : 


var s = serverMethods().GetSessionUserID();
(function that looks to the TDSSession)
window.location="http://server.com/newpage?Userid="+s.result;


This will open the newpage and in the Pageproducer onHTMLTag
I ask for the Userid via the Request.ContentFields and create the 
page for the user using the Userid.


But now if the user just type in the browser:


http://server.com/newpage?Userid=5
I don't see where I can check if the user is allowed to
view the Userid=5 page because in the  onHTMLTag event of the newpage
you can *not* ask for the TDSSession session Userid (always nil)


so, in the newpage I can check via javascript if the user is already
authenticated but I like to check also if the user is allowed to
view pages asked by the Request.ContentFields.


How should I do this?

FYI: Phrase searches are enclosed in either single or double quotes